SPAM coming in direct or through secondary MX?

I have been doing some reading about spam and secondary MXs recently. We currently use our ISP's backup MX service, simply because we are a small business at one location and we don't have backup mail servers. I'm told that often spammers will send to the second MX in order to bypass the spam checking on the main mail server. Our mail server is an Exchange 2003 SP2 (under SBS 2003) box.

So the questions I have are:

1. Why would sending to the secondary MX allow spammers to evade spam filters? The backup MX server eventually has to send those e-mails to the main server, so wouldn't the main server just filter the incoming e-mails at that point, regardless of the source?

2. How do I tell which e-mails came through the secondary MX and which came in directly to the primary? I'd like to check to see if we are actually receiving any e-mail through our secondary MX on a regular basis.

Is your secondary MX capable of the error message "Unknown User or Mailbox", or does it blindly accept anything addressed to your domain?

When you bounce these, then they probably are spam and you just bounced them back to some poor person who had their email address forged. It would have been better to refuse to accept the message in the first place.

Secondary MX servers are good for extremely high load situations or if you have a dial up link and aren't online all the time.

Remember, the sending MTA has a queue and will store the message anyway if you go down for a day or so. So you really don't need them to be queued at the ISP. Why would it make any difference whether the sender queues it or your ISP queues it?

I have provided those articles which talk in detail about how to control spam and relay. Also, if the secondary MX is accepting those emails, how are they forwarding those emails to your Exchange server? Via firewall / SMTP gateway, or directly?

It uses a scheme called address verification, where it connects to the primary server to find out if a user exists if it has never been seen before. So secondary MX servers can have access to user lists to verify emails.

So far as Exchange servers are concerned, I haven't found the built-in tools very good at stopping spam, so I generally don't have any MX records pointing directly at them, in favour of a front end server with better anti-spam controls.

I agree fighting with spam is best done by "other" server rather than Exchange - even though Exchange 2003 IMF is built with anti-spam features - it is not the best in the world - hence having an SMTP gateway / front-end box / firewall is the best configuration to receive (in other words MX records) / send emails (smart host setting).
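
For the second question in the original post (telling direct deliveries apart from mail relayed by the backup MX), one approach is to check the topmost `Received` header of each message against the backup MX's relay addresses. This is an added example, not part of the thread; the hostnames, the address range and the bracketed-IP header layout are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter
from email import message_from_string

# Assumption: networks the ISP's backup MX relays from (constructed, RFC 5737 range).
BACKUP_MX_NETS = [ipaddress.ip_network("192.0.2.0/28")]
# Assumption: the receiving server logs the connecting peer as "[a.b.c.d]".
_PEER_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def classify(raw_message, backup_nets=BACKUP_MX_NETS):
    """Return 'backup-mx', 'direct' or 'unknown' for one raw message."""
    received = message_from_string(raw_message).get_all("Received", [])
    if not received:
        return "unknown"
    # Only the topmost Received header was written by our own server; the ones
    # below it arrived with the message and can be forged by the sender.
    top = " ".join(received[0].split())   # unfold continuation lines
    peer_part = top.split(" by ", 1)[0]   # peer details precede "by <our host>"
    match = _PEER_IP.search(peer_part)
    if not match:
        return "unknown"
    try:
        peer = ipaddress.ip_address(match.group(1))
    except ValueError:
        return "unknown"
    return "backup-mx" if any(peer in net for net in backup_nets) else "direct"

def tally(raw_messages):
    """Count how many messages arrived by each path."""
    return Counter(classify(m) for m in raw_messages)

# Constructed samples; all hostnames and addresses are placeholders.
_TAIL = " by sbs.corp.example\n\twith ESMTP; Mon, 1 Jan 2007 10:00:02 +0000\n"
VIA_BACKUP = ("Received: from backup-mx.isp.example ([192.0.2.5])" + _TAIL +
              "Received: from sender.example ([203.0.113.9]) by backup-mx.isp.example;"
              " Mon, 1 Jan 2007 10:00:00 +0000\nSubject: relayed\n\nbody\n")
DIRECT = ("Received: from sender.example ([203.0.113.9])" + _TAIL +
          "Subject: direct\n\nbody\n")
# HELO claims to be the backup MX, but the peer address is not one of its relays.
SPOOFED_HELO = ("Received: from backup-mx.isp.example ([203.0.113.77])" + _TAIL +
                "Subject: spoofed\n\nbody\n")

if __name__ == "__main__":
    print(tally([VIA_BACKUP, DIRECT, SPOOFED_HELO]))
```

Matching on the peer address rather than the name after `from` matters because that name is whatever the connecting host announced in HELO.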
